Friday, July 13, 2012

Google had denied claims made by Microsoft engineer Terry Zink that Android devices were discovered to being used to send spam as part of an international Android spam botnet.

In reaction to Microsoft’s Android botnet reports, Google claimed there is no evidence to support Zink’s warning that a new botnet is forcing infected Android phones to churn out spam.

Google said in a statement, "The evidence does not support the Android botnet claim.”

Search giant Google said that its own internal research indicated these spam messages were stemming from PCs, as opposed to smartphones.

"Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using," Google said.

The Android botnet reports is said to have initially stemmed from Zink, when it was claimed that he had discovered evidence that the Android ecosystem had been successfully infiltrated by a botnet.

In his post, Zink gave a warning that there is a new form of the malware that he found to be accessing Yahoo Mail accounts on Android devices to send spam messages.

It was also reported that he had tracked the originating IP addresses to Asia, Eastern Europe, South America, and the Middle East.

If true, this botnet would be the first ever discovered successfully targeting the Android ecosystem.

However, since Google's attack, a second blog post was issued by Zink, admitting of the possibility that the spam headers could have been spoofed to make it look like they came from Android devices instead of a PC.

Zink wrote, "Yes, it's entirely possible that bot on a compromised PC connected to Yahoo Mail, inserted the message-ID thus overriding Yahoo's own Message-IDs and added the 'Yahoo Mail for Android' tagline at the bottom of the message all in an elaborate deception to make it look like the spam was coming from Android devices.”

"The other possibility is that Android malware has become much more prevalent and because of its ubiquity, there is sufficient motivation for spammers to abuse the platform. The reason these messages appear to come from Android devices is because they did come from Android devices."